{{template "base" .}} {{define "title"}}{{.Title}}{{end}} {{define "extra_css"}} {{end}} {{define "page_body"}}
TOTP (Authenticator app)

Status: {{if .TOTPConfig.Enabled }}"Enabled". Current configuration: "{{.TOTPConfig.ConfigName}}"{{else}}"Disabled"{{end}}

Disable

SSH protocol (SFTP/SCP/SSH commands) will ask for the passcode if the client uses keyboard interactive authentication.

HTTP protocol means Web UI and REST APIs. Web UI will ask for the passcode using a specific page. For REST API you have to add the passcode using an HTTP header.

FTP has no standard way to support two factor authentication, if you enable the FTP support, you have to add the TOTP passcode after the password. For example if your password is "password" and your one time passcode is "123456" you have to use "password123456" as password.

WebDAV is not supported since each single request must be authenticated and a passcode cannot be reused.

Update protocols
Generate new secret

Your new TOTP secret is:

For quick setup, scan this QR code with your TOTP app:

QR code

After you configured your app, enter a test code below to ensure everything works correctly. Recovery codes are automatically generated if missing or most of them have already been used

Verify and save
Recovery codes

Recovery codes are a set of one time use codes that can be used in place of the TOTP to login to the web UI. You can use them if you lose access to your phone to login to your account and disable or regenerate TOTP configuration.

To keep your account secure, don't share or distribute your recovery codes. We recommend saving them with a secure password manager.

View

If you generate new recovery codes, you automatically invalidate old ones.

Generate
{{end}} {{define "dialog"}} {{end}} {{define "extra_js"}} {{end}}